|
From: | Pádraig Brady |
Subject: | Re: Testing for Shellshock ... combinatorics and latest(Shellshock) Bash Vulnerability...(attn: Chet Ramey) |
Date: | Thu, 09 Oct 2014 23:06:56 +0100 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 |
On 10/09/2014 08:46 PM, Rick Karcich (rkarcich) wrote: > Hello Chet, > > Re: testing for Shellshock... would like your feedback... specifically, > regarding the possibility of human-directed combinatorial testing to find > this Bash vulnerability... Sounds like how Michal Zalewski found the related CVE-2014-6278 http://lcamtuf.blogspot.ie/2014/10/bash-bug-how-we-finally-cracked.html Pádraig.
[Prev in Thread] | Current Thread | [Next in Thread] |